[Announce] GnuPG 2.1.0 "modern" released

Simon Nicolussi sinic at sinic.name
Fri Nov 7 22:21:01 CET 2014

The announcement read:
> If you already have a version of GnuPG installed, you can simply
> verify the supplied signature.  For example to verify the signature
> of the file gnupg-2.1.0.tar.bz2 you would use this command:
>   gpg --verify gnupg-2.1.0.tar.bz2.sig

Invoking GnuPG that way is insecure without knowing the contents of the
signature file. An attacker could have replaced it by something that's
not, in fact, a detached signature.

I've attached an exemplary signature file (named gnupg-2.1.0.tar.bz2.sig
for your convenience) that demonstrates the problem:
> $ echo evil stuff > gnupg-2.1.0.tar.bz2
> $ gpg2 --verify gnupg-2.1.0.tar.bz2.sig
> gpg: Signature made Fri Oct 31 07:55:15 2014 CET using RSA key ID 4F25E3B6
> gpg: Good signature from "Werner Koch (dist sig)" [full]

Future announcements should call --verify with two files as arguments;
the same goes for https://www.gnupg.org/download/integrity_check.html:
>   gpg --verify gnupg-2.1.0.tar.bz2.sig gnupg-2.1.0.tar.bz2

Simon Nicolussi <sinic at sinic.name>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gnupg-2.1.0.tar.bz2.sig
Type: application/octet-stream
Size: 293691 bytes
Desc: not available
URL: </pipermail/attachments/20141107/809060e0/attachment-0001.obj>
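The check below is an added example, not code from Simon's mail or from the GnuPG project. It is a small Python parser for the OpenPGP packet framing of RFC 4880 section 4.2 that reports which packet types a binary .sig file contains. A genuine detached signature consists of nothing but Signature packets (tag 2). A file that also carries One-Pass Signature (tag 4), Literal Data (tag 11) or Compressed Data (tag 8) packets is a complete signed message: it contains its own data, so `gpg --verify` given only that file verifies the embedded data and never looks at the tarball sitting next to it, which is exactly the behaviour shown above. The byte strings in the block are constructed placeholders with dummy signature bodies, not real signatures. In practice `gpg --list-packets gnupg-2.1.0.tar.bz2.sig` gives the same picture; the actual fix remains passing both the signature file and the data file to --verify.

```python
"""Pre-check that a *.sig file is really a detached OpenPGP signature.

Added example (not GnuPG project code).  Walks the OpenPGP packet headers
of a binary file (RFC 4880 section 4.2) and returns the packet tags found.
Only a file made solely of Signature packets (tag 2) is a detached
signature; anything else is a message that carries its own data.
"""
from __future__ import annotations

SIGNATURE, ONE_PASS_SIG, COMPRESSED, LITERAL = 2, 4, 8, 11
TAG_NAMES = {
    SIGNATURE: "Signature",
    ONE_PASS_SIG: "One-Pass Signature",
    COMPRESSED: "Compressed Data",
    LITERAL: "Literal Data",
}


def _new_format_length(data: bytes, pos: int) -> tuple[int, bool, int]:
    """Decode a new-format body length at data[pos].

    Returns (length, is_partial, position after the length octets).
    """
    if pos >= len(data):
        raise ValueError("truncated packet header")
    o = data[pos]
    if o < 192:                                   # one-octet length
        return o, False, pos + 1
    if o < 224:                                   # two-octet length
        return ((o - 192) << 8) + data[pos + 1] + 192, False, pos + 2
    if o == 255:                                  # five-octet length
        return int.from_bytes(data[pos + 1:pos + 5], "big"), False, pos + 5
    return 1 << (o & 0x1F), True, pos + 1         # partial body length


def packet_tags(data: bytes) -> list[int]:
    """Return the tag of every top-level packet in a binary OpenPGP stream."""
    tags: list[int] = []
    pos, n = 0, len(data)
    while pos < n:
        ctb = data[pos]
        if not ctb & 0x80:
            raise ValueError(
                f"byte {pos}: not a binary OpenPGP packet header (ASCII armor?)")
        pos += 1
        if ctb & 0x40:                            # new-format header
            tag = ctb & 0x3F
            while True:                           # follow partial-length chunks
                length, partial, pos = _new_format_length(data, pos)
                pos += length
                if not partial:
                    break
        else:                                     # old-format header
            tag = (ctb >> 2) & 0x0F
            ltype = ctb & 0x03
            if ltype == 3:                        # indeterminate: runs to end
                pos = n
            else:
                width = {0: 1, 1: 2, 2: 4}[ltype]
                length = int.from_bytes(data[pos:pos + width], "big")
                pos += width + length
        if pos > n:
            raise ValueError("truncated packet body")
        tags.append(tag)
    return tags


def is_detached_signature(data: bytes) -> bool:
    """True only if the file is non-empty and contains Signature packets alone."""
    tags = packet_tags(data)
    return bool(tags) and all(t == SIGNATURE for t in tags)


def describe(data: bytes) -> list[str]:
    """Human-readable packet list, e.g. for a pre-flight message."""
    return [TAG_NAMES.get(t, f"tag {t}") for t in packet_tags(data)]


# Constructed sample inputs (placeholder bodies, not real cryptographic data).
# Old-format Signature packet: 0x88 = 0x80 | (2 << 2) | one-octet length.
DETACHED_SIG = bytes([0x88, 0x04]) + b"\x04\x00\x01\x08"

# What an attacker can ship under the name gnupg-2.1.0.tar.bz2.sig: a full
# signed message whose Literal Data packet carries the bytes that get verified.
SIGNED_MESSAGE = (
    bytes([0xC4, 0x0D]) + b"\x03\x00\x01\x08" + b"\x00" * 8 + b"\x01"   # One-Pass Signature
    + bytes([0xAC, 0x11]) + b"b\x00" + b"\x00" * 4 + b"evil stuff\n"       # Literal Data
    + bytes([0xC2, 0x04]) + b"\x04\x00\x01\x08"                            # Signature
)

# Compressed Data packet using partial body lengths (1-byte chunk, then 2 bytes).
COMPRESSED_MESSAGE = bytes([0xC8, 0xE0, 0x78, 0x02, 0x9C, 0x03])

if __name__ == "__main__":
    for name, blob in [("detached", DETACHED_SIG), ("signed message", SIGNED_MESSAGE)]:
        print(f"{name}: {describe(blob)} -> detached={is_detached_signature(blob)}")
```

Run it against a downloaded .sig before calling gpg; refuse to proceed unless `is_detached_signature()` returns True, and even then invoke `gpg --verify <sig> <data>` with both arguments so the tarball, not anything inside the .sig, is what gets checked.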